Code Red "was never a threat", BBC News says, presumably quoting Keynote Systems. A Keynote guy was on TechTV yesterday explaining their findings: Code Red has caused (according to The Register's sardonic meta-reporting) an estimated $1.2 billion in damage, and [up to] an incredible $8.7 billion when its bitter reign of destruction finally ends,
starting 18 and 19 July.
And, oh yeah, that was when that CSX train carrying hazardous materials derailed, severing some big important cables up the NY/DC corridor. But that wouldn't have anything to do with it, eh?
Apparently we have only our representatives to blame:
The blame for the hype has been laid squarely at the door of the US National Infrastructure Protection Centre which, said Mr Cluley [of an off-brand anti-virus company], has a history of making predictions that have not come true.
In the past the NIPC has wrongly predicted that the Y2K bug would be followed by a wave of destructive viruses [and] that Chinese hackers were about to wreak havoc on US websites [in May], again a prediction that did not come true.
Code Red is probably even more like Y2K than that: people and the media drummed up enough fear and paranoia that when--partly (but not wholly) due to all the worry--everyone involved was on top of the thing, resulting in an utter non-event, spectacular only in its absence.
Though we might also thank the authors' lack of foresight for a Windows worm that disappears after rebooting.
